/**
 * Copyright 2008-2009 HAN.BIFANG
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 *
 */
package han.bifang.business.sec.access.db;

import han.bifang.business.dao.AuthDao;
import han.bifang.business.dao.UserDao;
import han.bifang.business.sec.access.Authenticator;
import han.bifang.business.sec.access.LoginContext;
import han.bifang.common.entity.SoaUser;
import han.bifang.common.exception.BifangException;
import han.bifang.common.utils.CommonUtils;

/**
 * @Author Kent
 */
public class DbAuthenticator implements Authenticator {

	@Override
	public boolean checkPermission(String loginName, String serviceCode)
			throws BifangException {
		try {
			
			return AuthDao.checkPermission(loginName, serviceCode);
			
		} catch (BifangException e) {
			throw e;
		}
		
	}

	@Override
	public boolean checkUser(LoginContext ctx)
			throws BifangException {
		
		
		try {
			String loginName = (String)ctx.getAttribute(LoginContext.USER);
			SoaUser u = UserDao.getUserByLoginName(loginName);
			if(u == null){
				return false;
			}
			String password = (String)ctx.getAttribute(LoginContext.PASSWORD);
			if(CommonUtils.isEmpty(u.getUserPassword()) && CommonUtils.isEmpty(password)){
				return true;
			}
			if(u.getUserPassword().equals(password)){
				return true;
			}
			return false;
		} catch (BifangException e) {
			throw e;
		}
		
	}

}
